After months of widespread publicity about bogus eCard notification emails that point to malware websites, Internet users are hopefully becoming more aware of the potential security risks.

However, at Halloween, people expect to get Halloween related eCards. Cyberscum have capitalized on this by bombarding inboxes with eCard emails that promise "just a little Halloween fun" for those who click an included link.

Clicking the link brings up a Halloween themed web page that contains malicious javascript code that tries to download malware. The page urges the visitor to click another link to download a dancing skeleton. However, the "dancing skeleton" is a .exe file that can install still more malware on the victim's computer.